[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Replacing Telnet with SSH
- Subject: Re: [cobalt-users] Replacing Telnet with SSH
- From: Jim Popovitch <jimpop@xxxxxxxxx>
- Date: Wed Jun 20 07:06:03 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
--- Carrie Bartkowiak <ravencarrie@xxxxxxxx> wrote:
> I'd highly suggest using SSH2 rather than SSH1, it's more
> secure and I think there are exploits running around for
> SSH1 (don't quote me on that, though).
First, SSH1 and SSH2 are both protocols. SSH applications (clients and
servers such as OpenSSH) are as secure as the last bottle of beer at a
keg-party. (it all depends on which friends are in your house). To say
that one is more secure (insecure?) than another is not very accurate.
SSH1 and SSH2 implementations differ by licensing policies more so than
encryption methods. While it might be easy to assume that SSH2
applications are newer, it could just as easily be wrong. Support for
SSH1 or SSH2 can be secure, it all depends on the implementation. The
best advice I can give: Use OpenSSH (they now support both protocols),
subscribe to their security announcement list and pray that you will at
least hear of the next flaw mere moments before the kid waiting to hack
your server.
-Jim P.
>
> CarrieB
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/